Regulatory Compliance Dossier — NIS2 · DORA · AI-Act · ENISA · WORM Audit Chain
“Show me your network security posture for the last 12 months” used to mean three engineers, two weeks of log archaeology, and a PDF that doesn’t quite line up with the auditor’s questions. RoutePulse generates the dossier on demand — 12 sections of evidence, every claim cited to a specific incident or audit-chain entry, and a cryptographically-signed manifest. NIS2 Annex II compliant. DORA Article 17 ready. AI-Act Section 4 dossier for every ML model in production.
The hub at /compliance spawns 12 parallel data-collection jobs against the live operational corpus (incidents, mitigations, ML model performance, configuration drift, external exposure) and renders a signed PDF in 30–90 seconds. Beneath it, the WORM audit chain — every blackhole inject, FlowSpec rule, threshold change, and playbook fire — is cryptographically chained with SHA-256 over previous-hash || row-data (append-only, PG-trigger-enforced). Tamper-evident, replayable, signed.
12-section evidence dossier
Executive Summary · Network Topology · Threat Inventory · Incident Catalogue (period) · Mitigation Actions (period) · ML Model Cards · Configuration Drift · External Exposure · Compliance Attestations · Operator Roster · Audit Chain Manifest · Appendices. Every claim cited back to a specific incident ID, audit-chain row, or model retraining event — auditors can drill down from the PDF to the source data.
NIS2 Article 21 attestation generator
At /compliance/nis2: risk management, incident handling, business continuity, supply chain, vulnerability disclosure — every box auto-populated from RoutePulse’s own operational data. Editable narrative fields for human context. NIS2 entered force October 2024 in the EU; essential and important entities must demonstrate ongoing compliance, not just point-in-time certification.
AI-Act model cards (mandatory from August 2026)
At /compliance/ai-act-dossier: one model card per ML detector — IsolationForest, K-Means, Markov-Chain, Holt-Winters, beaconing, DGA, ANIE, CAD. Each card covers training data lineage, performance metrics (precision/recall/F1), AI-Act Annex IV bias analysis on protected categories (geo country + network type, disparity ratio flagged when >5×), human oversight design, and rollback procedure. Mandatory for any high-risk AI system in the EU from August 2026.
WORM audit chain (append-only hash chain)
Every blackhole inject / withdraw / FlowSpec rule / threshold change / playbook fire is appended to an immutable Postgres table with cryptographic chaining (SHA-256 over previous-hash || row-data). Tamper-evident: alter any historical row and every subsequent hash breaks. Replayable: reconstruct exact operational state at any past timestamp. Ed25519 signed manifests + SHA-256 hash-chained audit entries give independent verification — auditors fetch public key from https://routepulse.goline.ch/api/v1/compliance/public-key and verify with openssl pkeyutl.
Key Capabilities
- One-click 12-section PDF compliance dossier generated server-side via PDFKit + 12 parallel data-collection jobs (30–90 s)
- NIS2 Article 21 attestation generator with auto-populated risk-management / incident-handling / business-continuity / supply-chain / vulnerability-disclosure sections
- AI-Act dossier with one model card per ML detector covering training data lineage, performance metrics, AI-Act Annex IV bias analysis, human oversight, rollback procedure
- DORA Article 17 ICT incident classification (lower-severity / major / cross-border) auto-mapped from incident severity + impact + affected services
- WORM audit chain at /compliance/audit-chain with SHA-256 cryptographic chaining (append-only, PG-trigger-enforced)
- Ed25519 signed manifests + SHA-256 hash-chained audit entries; auditors verify with the GOLINE public key published at /.well-known/keys/
- Tamper-evident replay: reconstruct exact operational state at any past timestamp from the audit chain
- Real-time delivery of regulatory-relevant events to Telegram + email + webhook for SIEM/SOAR integration
- ENISA threat-landscape mapping: every detected anomaly tagged with the relevant ENISA threat category
- Multi-language dossier output: English + Italian + German + French (Swiss + EU regulator preferences)
- Per-period analysis windows: monthly, quarterly, annual, ad-hoc range — all from the same evidence corpus
Engineered and operated by the GOLINE SOC & Network Engineering team.